Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.

In a twist, the company has also announced a number of older credit card numbers and expiration dates from an older, 2007 database may have been compromised. "...12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained—we will be notifying each of those customers promptly," Sony explained.

The services have been taken offline, the security is being strengthened, and an outside, "recognized" security firm has been called in.

This could be a much larger problem than the PSN hack, with for-pay games being taken offline, and older credit card data being potentially stolen. We'll be following this story as it develops.

And the stock price didn't move. So for the market, it is like nothing happened. We really live in a weird world.

The market is closed though.

Fair enough, I will check tomorrow too in this case. But for what I saw in the last few days, the annoucements didn't make a dent in the price, and it even rised today. I'm not a market specialist, it is even my first time I check a company stocks after this kind of incident. Was just hoping for a bit more reaction.

It's funny. My (old, deactivated) EQ2 account was compromised around the same time as the PSN hack and I posted asking if it had happened to anyone else. I thought it might be a harbinger. Looks like I was unfortunately right.

So, is this part of the same hacking attempt as the PSN incident, or is this an entirely new incident?

Exactly. Same attack vector? Then wow.Different vector? Wow. Makes physical intrusion seem less likely unless PSN and the DC etc servers were in the same room (Kaz Hirai's attic?).

As for stock price - many people lack the interest or technical chops to understand. For example the PS3 key revelation was widely misunderstood inside game publishing, and that's their frikkin' core business. Or maybe Sony stock holders are just thinking 'hey it happened and now the security will be fixed, the CC companies pay for losses'.

This sounds a lot more focused than just a "Sony fail" Some group is going hard after Sony and I think if they focused on any target, they would probably get through. Wonder who will be next? Blizzard? Ubisoft?

This sounds a lot more focused than just a "Sony fail" Some group is going hard after Sony and I think if they focused on any target, they would probably get through. Wonder who will be next? Blizzard? Ubisoft?

Really? Sony is the juiciest target out there? I really doubt it. A true coup would be compromising Amazon/Facebook/Google/Microsoft/Yahoo/etc where there is both more data and more lucrative data.

It seems at this point like Sony is being "picked on" because they were a pretty easy target. If Sony was equivalently easy as the above they would, by virtue of having less value, be less likely to be compromised.

The whole "this could happen to any company" line is simply naive. If it could happen to them it would happen / would have happened. The simple truth is that Sony is the first player in the online world to "successfully" have over 100 million user account details breached. A dubious record that is entirely the fault of bad security. Period.

I love that they've actively taken down all of the SOE sites to replace them with the announcement, so you can't even check your account to see if a card you might want to cancel was linked to the fucker.

OT, but related to the subject at hand and the other Sony break-ins... What is a good service that provide "credit monitoring" or "identity theft protection" or whatever the buzzword is for watching that people aren't running amuck with your personal info and signing up for a bazillion credit cards? Google presents me with many options that look sketchy at best.